Merge "docs: Clarify that encryption should not be in reconciler pipeline"

2021-01-22 15:35:16 +00:00 · 2021-01-22 15:35:16 +00:00 · 48b26ba833
commit 48b26ba833
parent d429918ed0 13c0980e71
2 changed files with 9 additions and 2 deletions
--- a/doc/source/overview_encryption.rst
+++ b/doc/source/overview_encryption.rst
@ -781,8 +781,9 @@ encrypted.

 Encryption has no impact on the `container-reconciler` service. The
 `container-reconciler` uses an internal client to move objects between
-different policy rings. The destination object has the same URL as the source
-object and the object is moved without re-encryption.
+different policy rings. The reconciler's pipeline *MUST NOT* have encryption
+enabled. The destination object has the same URL as the source object and the
+object is moved without re-encryption.


 Considerations for developers
--- a/etc/container-reconciler.conf-sample
+++ b/etc/container-reconciler.conf-sample
@ -58,6 +58,12 @@
 # ionice_priority =

 [pipeline:main]
+# Note that the reconciler's pipeline is intentionally very sparse -- it is
+# only responsible for moving data from one policy to another and should not
+# perform any transformations beyond (potentially) changing erasure coding.
+# It notably MUST NOT include transformative middlewares (such as encryption),
+# redirection middlewares (such as symlink), or composing middlewares (such
+# as slo and dlo).
 pipeline = catch_errors proxy-logging cache proxy-server

 [app:proxy-server]